TL;DR: How to give all users access to a jupyerhub resource on jhub 2.0?
I’m experimenting with RBAC and RTC on Jupyterhub 2.0, largely inspired by ideas brought up in
My immediate plan, while waiting for server-level access control, is to create a single user shared, so that all other users would be able to access the shared user server. I figured that I need to do something like:
c.JupyterHub.load_roles = [
{
"name": "shared_access",
"description": "Allow users to access the shared server",
"scopes": ["access:servers!user=shared"],
"roles": ["user"],
}
]
However I can’t figure out how to ensure that this role is applied to all users on the server. I’ve checked
So you want one server that all users can access? Can I ask why you want to do this? It may cause issues with people overwriting each other’s notebooks. Some alternatives to this is mounting a shared EFS either read-only or read/write or you can use binderhub.
Please see the post I shared about RTC in jupyterhub. Thanks to collaborative editing available in jupyterlab, I expect this will work just fine in my environment.
c.JupyterHub.load_roles = [
{
"name": "user",
"description": "Allow users to access the shared server in addition to default perms",
"scopes": ["self", "access:servers!user=shared"],
}
]
where shared is a user reserved for shared access.
Just chiming in here that specifying the user role in load_roles is absolutely the intended way to change what all JupyterHub users are allowed to do. Additional roles can be assigned to specific users, and I suppose we could support a ‘default roles’ list configuration to make it easier to group collections of permissions that are all enabled by default, but this is the right approach for the moment.